Xamarin is one of the most popular frameworks used for cross-platform mobile app development. It allows software developers to share about 90 percent of code across major platforms (Android, iOS, Windows Phone).

DexProtector, the most advanced mobile app protection solution, supports the protection of Xamarin applications (available in the enterprise version) and today we will tell you how to use DexProtector to protect your Xamarin-based applications.

Code Protection, Content Protection, Integrity Control, Environment Checks - all the features can be used for Xamarin apps. As well as that, you can use DexProtector SEE/CryptoModule just like for any other Android/iOS application.

1. Code Protection

You can use all the standard protection mechanisms for Dalvik bytecode which in this case contains Android Wrapper Classes (Activity, ContentProvider, Receiver, Service), Xamarin/Mono support classes and third-party library classes:

String Encryption

Class Encryption

Hide Access

For native libraries, you can use:

Native code obfuscation (excluding Mono Runtime)

Native code encryption

Native code anti-debugging (gdb).

DexProtector is capable of interacting with Mono Runtime which allows you to encrypt Xamarin assemblies. You can use the <xamarinAssemblies/> node to enable the encryption of the assemblies and to configure the filters. For example:

3. Integrity Control

You know that DexProtector provides the most reliable integrity control (tamper-proofing) among other obfuscators and protectors. The integrity control works out of the box and enabled by default for Xamarin applications just like for other Android or iOS applications.

From the security point of view, it is important that the Java class that contains doProbe and positive/negative callbacks is protected with String Encryption, HideAccess, ClassEncryption.

5. Secure Execution Environment

Secure Execution Environment is the self-defending secure native VM. It is capable of running cryptographic operations inside via the CryptoModule. It also has a HSM-like application pre-installed with WhiteBox Crypto key management system. You can easily integrate your application with SEE via native API. If you are interested in SEE/CryptoModule, please request details via email - primary@licelus.com.

As you see, all the mechanisms work perfectly for Xamarin-based applications, including Environment Checks (root, debug, emulator, hooks, ...) and CryptoModule. If you have any questions, just drop us a line via the contact form or email.